testing ipsec ?

augie schwer at sonic.net
Sat Jan 4 13:55:01 PST 2003


On Sat, Jan 04, 2003 at 12:22:43PM -0800, Mark Street wrote:
> hmmmm.... port 500 UDP needs to be open, adjust your firewall rules
> accordingly.  I don't know what type you use...

here is a small subsection of my firewall rules, i use iptables:

# ipsec
$IPT -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
$IPT -A INPUT -p 50 -j ACCEPT
$IPT -A INPUT -p 51 -j ACCEPT
# allow all ipsec traffic
$IPT -A INPUT -i ipsec0 -j ACCEPT

there is a small warning in the logs about rp_filter being on, and
ipsec wanting it to be off. [shrug] in any case it works and i like it!

 -augie

ps...i'm in the ssu library right now testing out my new wireless
card, and it actually works! woo-hoo! next step mix ipsec and wireless
to create a secure wireless gateway... :)


-- 
irc.nblug.org #nblug
registered linux user #229905
gpg public key: http://www.sonic.net/schwer/schwer.asc
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE  2AC3 CB99 2784 27B0 C072
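
Added example (not part of the original post): a small shell audit for the setup described above. It checks an iptables-save dump for INPUT ACCEPT rules covering IKE on UDP 500, protocols 50 and 51, and the ipsec0 interface, and lists interfaces whose rp_filter is still on. The function names and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit firewall and rp_filter state for the IPsec rules in the post.

# Read iptables-save text on stdin; print one line per missing INPUT ACCEPT rule.
# Prints nothing when IKE, ESP, AH and the ipsec0 interface are all accepted.
ipsec_rule_gaps() {
    rules=$(grep -E '^-A INPUT .*-j ACCEPT' || true)
    echo "$rules" | grep -Eq -e '-p (udp|17) .*--dport 500 ' || echo "missing: IKE (udp/500)"
    echo "$rules" | grep -Eq -e '-p (esp|50) '               || echo "missing: ESP (protocol 50)"
    echo "$rules" | grep -Eq -e '-p (ah|51) '                || echo "missing: AH (protocol 51)"
    echo "$rules" | grep -Eq -e '-i ipsec0 '                 || echo "missing: ipsec0 interface"
}

# List interfaces whose rp_filter is non-zero, as "name=value" lines.
# $1 is the conf directory; it defaults to the live /proc tree.
rp_filter_enabled() {
    conf=${1:-/proc/sys/net/ipv4/conf}
    for f in "$conf"/*/rp_filter; do
        [ -r "$f" ] || continue
        v=$(cat "$f")
        if [ "$v" != "0" ]; then
            echo "$(basename "$(dirname "$f")")=$v"
        fi
    done
}

# Constructed sample dump: the AH rule is deliberately left out.
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
-A INPUT -p udp -m udp --sport 500 --dport 500 -j ACCEPT
-A INPUT -p esp -j ACCEPT
-A INPUT -i ipsec0 -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | ipsec_rule_gaps
rp_filter_enabled
```

On a live host, pipe the output of iptables-save into ipsec_rule_gaps instead of the sample.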
